Filtered by vendor Cross-spawn
Subscriptions
Filtered by product Cross-spawn
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-21538 | 1 Cross-spawn | 1 Cross-spawn | 2024-11-08 | 7.5 High |
Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string. |
Page 1 of 1.